Details about the activation, including: the date and time the activation was created, the expiration date, the IAM role assigned to the instances in the activation, and the number of instances activated by this registration.

Instance Method Details

#add_tags_to_resource(params = {}) ⇒ Struct

Adds or overwrites one or more tags for the specified resource. Tags
are metadata that you can assign to your documents, managed instances,
Maintenance Windows, Parameter Store parameters, and patch baselines.
Tags enable you to categorize your resources in different ways, for
example, by purpose, owner, or environment. Each tag consists of a key
and an optional value, both of which you define. For example, you
could define a set of tags for your account's managed instances that
helps you track each instance's owner and stack level. For example:
Key=Owner and Value=DbAdmin, SysAdmin, or Dev. Or Key=Stack and
Value=Production, Pre-Production, or Test.

Each resource can have a maximum of 10 tags.

We recommend that you devise a set of tag keys that meets your needs
for each resource type. Using a consistent set of tag keys makes it
easier for you to manage your resources. You can search and filter the
resources based on the tags you add. Tags don't have any semantic
meaning to Amazon EC2 and are interpreted strictly as a string of
characters.

Registers your on-premises server or virtual machine with Amazon EC2
so that you can manage these resources using Run Command. An
on-premises server or virtual machine that has been registered with
EC2 is called a managed instance. For more information about
activations, see Setting Up Systems Manager in Hybrid
Environments.

Specify the document format for the request. The document format can
be either JSON or YAML. JSON is the default format.

:target_type(String)
—

Specify a target type to define the kinds of resources the document
can run on. For example, to run a document on EC2 instances, specify
the following value: /AWS::EC2::Instance. If you specify a value of
'/' the document can run on all types of resources. If you don't
specify a value, the document can't run on any resources. For a list
of valid resource types, see AWS Resource Types Reference in the
AWS CloudFormation User Guide.

An optional description for the Maintenance Window. We recommend
specifying a description to help you organize your Maintenance
Windows.

:schedule(required, String)
—

The schedule of the Maintenance Window in the form of a cron or rate
expression.

:duration(required, Integer)
—

The duration of the Maintenance Window in hours.

:cutoff(required, Integer)
—

The number of hours before the end of the Maintenance Window that
Systems Manager stops scheduling new tasks for execution.

:allow_unassociated_targets(required, Boolean)
—

Enables a Maintenance Window task to execute on managed instances,
even if you have not registered those instances as targets. If
enabled, then you must specify the unregistered instances (by instance
ID) when you register a task with the Maintenance Window

If you don't enable this option, then you must specify
previously-registered targets when you register a task with the
Maintenance Window.

:client_token(String)
—

User-provided idempotency token.

A suitable default value is auto-generated. You should normally
not need to pass this option.**

Defines the compliance level for approved patches. This means that if
an approved patch is reported as missing, this is the severity of the
compliance violation. Valid compliance severity levels include the
following: CRITICAL, HIGH, MEDIUM, LOW, INFORMATIONAL, UNSPECIFIED.
The default value is UNSPECIFIED.

:rejected_patches(Array<String>)
—

A list of explicitly rejected patches for the baseline.

:description(String)
—

A description of the patch baseline.

:client_token(String)
—

User-provided idempotency token.

A suitable default value is auto-generated. You should normally
not need to pass this option.**

#create_resource_data_sync(params = {}) ⇒ Struct

Creates a resource data sync configuration to a single bucket in
Amazon S3. This is an asynchronous operation that returns immediately.
After a successful initial sync is completed, the system continuously
syncs data to the Amazon S3 bucket. To check the status of the sync,
use the ListResourceDataSync.

By default, data is not encrypted in Amazon S3. We strongly recommend
that you enable encryption in Amazon S3 to ensure secure data storage.
We also recommend that you secure access to the Amazon S3 bucket by
creating a restrictive bucket policy. To view an example of a
restrictive Amazon S3 bucket policy for Resource Data Sync, see
Configuring Resource Data Sync for Inventory.

#delete_activation(params = {}) ⇒ Struct

Deletes an activation. You are not required to delete an activation.
If you delete an activation, you can no longer use it to register
additional managed instances. Deleting an activation does not
de-register managed instances. You must manually de-register managed
instances.

#delete_association(params = {}) ⇒ Struct

Disassociates the specified Systems Manager document from the
specified instance.

When you disassociate a document from an instance, it does not change
the configuration of the instance. To change the configuration state
of an instance after you disassociate a document, you must create a
new document with the desired configuration and associate it with the
instance.

#delete_resource_data_sync(params = {}) ⇒ Struct

Deletes a Resource Data Sync configuration. After the configuration is
deleted, changes to inventory data on managed instances are no longer
synced with the target Amazon S3 bucket. Deleting a sync configuration
does not delete data in the target Amazon S3 bucket.

#deregister_managed_instance(params = {}) ⇒ Struct

Removes the server or virtual machine from the list of registered
servers. You can reregister the instance again at any time. If you
don't plan to use Run Command on the server, we suggest uninstalling
the SSM Agent first.

Details about the activation, including: the date and time the
activation was created, the expiration date, the IAM role assigned to
the instances in the activation, and the number of instances activated
by this registration.

Describes the association for the specified target or instance. If you
created the association by using the Targets parameter, then you
must retrieve the association by using the association ID. If you
created the association by specifying an instance ID and a Systems
Manager document, then you retrieve the association by specifying the
document name and the instance ID.

Specify the association version to retrieve. To view the latest
version, either specify $LATEST for this parameter, or omit this
parameter. To view a list of all associations for an instance, use
ListInstanceAssociations. To get a list of versions for a specific
association, use ListAssociationVersions.

Describes the permissions for a Systems Manager document. If you
created the document, you are the owner. If a document is shared, it
can either be shared privately (by specifying a user's AWS account
ID) or publicly (All).

Describes one or more of your instances. You can use this to get
information about instances like the operating system platform, the
SSM Agent version (Linux), status etc. If you specify one or more
instance IDs, it returns information for those instances. If you do
not specify instance IDs, it returns information for all your
instances. If you specify an instance ID that is not valid or an
instance that you do not own, you receive an error.

Optional filters used to scope down the returned task invocations. The
supported filter key is STATUS with the corresponding values PENDING,
IN_PROGRESS, SUCCESS, FAILED, TIMED_OUT, CANCELLING, and CANCELLED.

:max_results(Integer)
—

The maximum number of items to return for this call. The call also
returns a token that you can specify in a subsequent call to get the
next set of results.

:next_token(String)
—

The token for the next set of items to return. (You received this
token from a previous call.)

Lists the executions of a Maintenance Window. This includes
information about when the Maintenance Window was scheduled to be
active, and information about tasks registered and run with the
Maintenance Window.

Request results are returned on a best-effort basis. If you specify
MaxResults in the request, the response includes information up to
the limit specified. The number of items returned, however, can be
between zero and the value of MaxResults. If the service reaches an
internal limit while processing the results, it stops the operation
and returns the matching values up to that point and a NextToken.
You can specify the NextToken in a subsequent call to get the next
set of results.

Returns counts of inventory types based on one or more expressions.
For example, if you aggregate by using an expression that uses the
AWS:InstanceInformation.PlatformType type, you can see a count of
how many Windows and Linux instances exist in your inventoried fleet.

The token for the next set of items to return. (You received this
token from a previous call.)

:max_results(Integer)
—

The maximum number of items to return for this call. The call also
returns a token that you can specify in a subsequent call to get the
next set of results.

:aggregator(Boolean)
—

Returns inventory schemas that support aggregation. For example, this
call returns the AWS:InstanceInformation type, because it supports
aggregation based on the PlatformName, PlatformType, and
PlatformVersion attributes.

Request results are returned on a best-effort basis. If you specify
MaxResults in the request, the response includes information up to
the limit specified. The number of items returned, however, can be
between zero and the value of MaxResults. If the service reaches an
internal limit while processing the results, it stops the operation
and returns the matching values up to that point and a NextToken.
You can specify the NextToken in a subsequent call to get the next
set of results.

The hierarchy for the parameter. Hierarchies start with a forward
slash (/) and end with the parameter name. A hierarchy can have a
maximum of five levels. For example:
/Finance/Prod/IAD/WinServ2016/license15

An invocation is copy of a command sent to a specific instance. A
command can apply to one or more instances. A command invocation
applies to one instance. For example, if a user executes SendCommand
against three instances, then a command invocation is created for each
requested instance ID. ListCommandInvocations provide status about
command execution.

For a specified resource ID, this API action returns a list of
compliance statuses for different resource types. Currently, you can
only specify one resource ID per call. List results depend on the
criteria specified in the filter.

Returns a summary count of compliant and non-compliant resources for a
compliance type. For example, this call can return State Manager
associations, patches, or custom compliance types according to the
filter criteria that you specify.

Returns a resource-level summary count. The summary includes
information about compliant and non-compliant statuses and detailed
compliance-item severity counts, according to the filter criteria you
specify.

Lists your resource data sync configurations. Includes information
about the last time a sync attempted to start, the last sync status,
and the last time a sync successfully completed.

The number of sync configurations might be too large to return using a
single call to ListResourceDataSync. You can limit the number of
sync configurations returned by using the MaxResults parameter. To
determine whether there are more sync configurations to list, check
the value of NextToken in the output. If there are more sync
configurations to list, you can request them by specifying the
NextToken returned in the call to the parameter of a subsequent
call.

#modify_document_permission(params = {}) ⇒ Struct

Shares a Systems Manager document publicly or privately. If you share
a document privately, you must specify the AWS user account IDs for
those people who can use the document. If you share a document
publicly, you must specify All as the account ID.

The permission type for the document. The permission type can be
Share.

:account_ids_to_add(Array<String>)
—

The AWS user accounts that should have access to the document. The
account IDs can either be a group of account IDs or All.

:account_ids_to_remove(Array<String>)
—

The AWS user accounts that should no longer have access to the
document. The AWS user account can either be a group of account IDs or
All. This action has a higher priority than AccountIdsToAdd. If
you specify an account ID to add and the same ID to remove, the system
removes access to the document.

#put_compliance_items(params = {}) ⇒ Struct

Registers a compliance type and other compliance details on a
designated resource. This action lets you register custom compliance
details with a resource. This call overwrites existing compliance
information on the resource, so you must provide a full list of
compliance items each time that you send the request.

A summary of the call execution that includes an execution ID, the
type of execution (for example, Command), and the date/time of the
execution using a datetime object that is saved in the following
format: yyyy-MM-dd'T'HH:mm:ss'Z'.

Information about the compliance as defined by the resource type. For
example, for a patch compliance type, Items includes information
about the PatchSeverity, Classification, etc.

:item_content_hash(String)
—

MD5 or SHA-256 content hash. The content hash is used to determine if
existing information should be overwritten or ignored. If the content
hashes match, the request to put compliance information is ignored.

The fully qualified name of the parameter that you want to add to the
system. The fully qualified name includes the complete hierarchy of
the parameter path and name. For example:
/Dev/DBServer/MySQL/db-string13

The maximum length constraint listed below includes capacity for
additional system attributes that are not part of the name. The
maximum length for the fully qualified parameter name is 1011
characters.

:description(String)
—

Information about the parameter that you want to add to the system.

:value(required, String)
—

The parameter value that you want to add to the system.

:type(required, String)
—

The type of parameter that you want to add to the system.

:key_id(String)
—

The KMS Key ID that you want to use to encrypt a parameter when you
choose the SecureString data type. If you don't specify a key ID, the
system uses the default key associated with your AWS account.

:overwrite(Boolean)
—

Overwrite an existing parameter. If not specified, will default to
"false".

:allowed_pattern(String)
—

A regular expression used to validate the parameter value. For
example, for String types with values restricted to numbers, you can
specify the following: AllowedPattern=^\d+$

The parameters that the task should use during execution. Populate
only the fields that match the task type. All other fields should be
empty.

:priority(Integer)
—

The priority of the task in the Maintenance Window, the lower the
number the higher the priority. Tasks in a Maintenance Window are
scheduled in priority order with tasks that have the same priority
scheduled in parallel.

:max_concurrency(required, String)
—

The maximum number of targets this task can be run for in parallel.

:max_errors(required, String)
—

The maximum number of errors allowed before this task stops being
scheduled.